your favourite method of dealing with ssh brute force attacks
Michał Piotrowski
mkkp4x4 at gmail.com
Wed Mar 17 22:08:28 UTC 2010
2010/3/17 Athmane Madjoudj <athmanem at gmail.com>:
> 2010/3/17 Michał Piotrowski <mkkp4x4 at gmail.com>:
>> Hi,
>>
>> I recetly had 30 hours of ssh brute force attack on my system. I'm
>> using strong passwords, but still can be geneated from /dev/random, so
>> I switched to rsa authentication. What's your favourite way to deal
>> with such attacks? Please describe pros and cons.
>>
>> Regards,
>> Michal
>> --
>> devel mailing list
>> devel at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/devel
>>
>
> 1. Change SSH port
I don't have a remote access to my cisco router, so I can't change
port forwarding - sigh.
> 2. Disable access to root via SSH
Actually I need this to deploy my project. I'll change this someday,
but it will take some time to tweak configuration.
> 3. Install HIDS eg: fail2ban is included in fedora OR BFD
> (http://www.rfxn.com/projects/brute-force-detection/)
I'm not sure if I want to blindly ban networks.
>
>
> --
> Athmane Madjoudj
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
Regards,
Michal
More information about the devel
mailing list